alastairstevenson
Staff member
-
Featured
- #401
Dahua Firmware Mod Kit + Modded Dahua Firmware
I'm not worried
For me all is clear!
Just ask comment for others and nothing more.
You understand that people trust you and your modifired firmware when upgrade theis IPC.
For Eos (3rd gen) cameras: in the fucking OP.....
SyconsciousAu
Getting comfortable
- Joined
- Sep 13, 2015
- Messages
- 872
- Reaction score
- 825
Can confirm working on this camera.
beingaware
Pulling my weight
Indeed it does.
oscarrines
n3wb
- Joined
- May 27, 2017
- Messages
- 2
- Reaction score
- 0
Can confirm that the mod-kit also works for customizing VTOXXX SIP firmware - thanks for all the effort and explanations to make it available.
I have a question though regarding squashfs part of the build.py - it fails at building user-x.cramfs.img complaining mksquashfs3 does not exist. The script seems to be calling different mksquashfs binaries/version in respect to different headers. As much as I searched, I could not find any information regarding different mksquashfs binaries.
Hence I tried "ln -s mksquashfs mksquashfs3", after which the build.py ran fine. However, the VTO bricked after uploading this new firmware. When I connected to the device via serial, I saw that the boot failed because the VTO could not mount this squashfs image to /usr. Thus I tftp'ed the user-x image from the original firmware (I did not need any changes with it anyway) and VTO booted OK with everything functional.
I will appreciate any help regarding the next two points:
1- Obviously mksquashfs3 is required. I checked the fork at github BotoXas instructed in the mod-kit's readme, but the makefile here also seems to produce only mksquashfs. Where can I obtain this ?
2- Although I added /sbin/utelnetd (which I downloaded from here) to the image and added changed rcS, utelnetd does not seem to work. When I do /sbin/utelnetd from the command line obtained with serial connection, I get /bin/sh command not found.
I have a question though regarding squashfs part of the build.py - it fails at building user-x.cramfs.img complaining mksquashfs3 does not exist. The script seems to be calling different mksquashfs binaries/version in respect to different headers. As much as I searched, I could not find any information regarding different mksquashfs binaries.
Hence I tried "ln -s mksquashfs mksquashfs3", after which the build.py ran fine. However, the VTO bricked after uploading this new firmware. When I connected to the device via serial, I saw that the boot failed because the VTO could not mount this squashfs image to /usr. Thus I tftp'ed the user-x image from the original firmware (I did not need any changes with it anyway) and VTO booted OK with everything functional.
I will appreciate any help regarding the next two points:
1- Obviously mksquashfs3 is required. I checked the fork at github BotoXas instructed in the mod-kit's readme, but the makefile here also seems to produce only mksquashfs. Where can I obtain this ?
2- Although I added /sbin/utelnetd (which I downloaded from here) to the image and added changed rcS, utelnetd does not seem to work. When I do /sbin/utelnetd from the command line obtained with serial connection, I get /bin/sh command not found.
oscarrines
n3wb
- Joined
- May 27, 2017
- Messages
- 2
- Reaction score
- 0
I resolved this by building mksquashfs from the version 3.4 source (obviously Ubuntu Zesty omits to package version 3 and 4 together).
utelnetd remains to be an issue. Any hints there ?
HI guys,
Do you know if it's possible to use this mod kit to patch a international firmware for a Chinese version of HDBW5231R-Z?
This is the cam
IPC-HDBW5231R-Z | Dahua Technology
The English firmware I can't use:
Index of /Dahua/kamerove_systemy/_Firmware/04IPC/04-Eco-savvy 2.0/DH/DH_IPC-HX5XXX-Eos_Eng_P_128M_Stream3_V2.420.0000.22.R.20161209
Thanks for the help
Do you know if it's possible to use this mod kit to patch a international firmware for a Chinese version of HDBW5231R-Z?
This is the cam
IPC-HDBW5231R-Z | Dahua Technology
The English firmware I can't use:
Index of /Dahua/kamerove_systemy/_Firmware/04IPC/04-Eco-savvy 2.0/DH/DH_IPC-HX5XXX-Eos_Eng_P_128M_Stream3_V2.420.0000.22.R.20161209
Thanks for the help
Last edited:
Here is a quick patch: https://i.botox.bz/DH_IPC-HX5XXX-Eos_Eng_P_128M_Stream3_V2.420.0000.22.R.20161209.bin
Thanks Cor35vet!
As I have Chinese version, these no much risk of brick with this version?
Is brick, is it still possible to recover via serial? Because I can't find anywhere the Chinese firmware for this cam!
Do you get telnet enabled again?
Thanks a lot for that!
As I have Chinese version, these no much risk of brick with this version?
Is brick, is it still possible to recover via serial? Because I can't find anywhere the Chinese firmware for this cam!
Do you get telnet enabled again?
Thanks a lot for that!
I only patched the region check in the english firmware you sent me.
Recovery without firmware, good question...
You could get into the camera if you have a serial adapter and the knowledge and dump the current firmware.
Bricking isn't very likely once that part of the code is patched, since that is the only place where it checks if the camera is international or chinese.
I've added telnet on port 2300 to the image now:
https://i.botox.bz/DH_IPC-HX5XXX-Eos_Eng_P_128M_Stream3_V2.420.0000.22.R.20161209.bin
Thanks for your help
I have 2 cams like that, if one get brick, i can get firmware from the other.
Is it hard to do it? do you know where i can find a howto to extract, dump and burn again the current firmware?
I wait for your answer before trying it!
Many, Many thanks for your help
I have 2 cams like that, if one get brick, i can get firmware from the other.
Is it hard to do it? do you know where i can find a howto to extract, dump and burn again the current firmware?
I wait for your answer before trying it!
Many, Many thanks for your help
"Is it hard to do it?" - Not for me?
If you have a USB to UART (serial) converter and used linux before then it's definitely possible.
You can try Dahua IPC unbricking / recovery over serial UART and TFTP
and do the ping $serverip part to check if your camera can do TFTP recovery.
Which firmware version is your camera on right now?
Good, you should try this now:I know a bit linux, i have several linux server, so i'm not afraid of shell! I also do some linux and raspberry stuff
my version is
telnet is lock on this version
and if that works then you know that you can restore the camera from u-boot if it doesn't boot anymore.
And I've also restored the camera with a raspberry pi and a clip like this before: SOIC8 SOP8 Flash Chip IC Test Clips Socket Adpter BIOS/24/25/93 Programmer
So even if the boot loader is fucked you can still restore it from your other camera.
As an eBay Associate IPCamTalk earns from qualifying purchases.
I'm thinking of something, if I connect by serial UART, why not just change the language file directly without flashing by webservice? Is it not more safe?
Also can you tell me the cmd to dump the complete firmware?
Many thanks
Also can you tell me the cmd to dump the complete firmware?
Many thanks
Last edited: